MOREnet Security News Review -- December 9-13, 2013
MOREnet is offering SANS SEC464: Hacker Guard: Security Baseline Training for IT Administrators and Operations with Continuing Education, February 25 – 26, 2014. MOREnet members are eligible for a price of $1200 Minimum registration must be met by December 20, 2013 so enroll today! Click here for registration information.
WEEKLY THREAT RESOURCE SITE
KNOW YOUR ENEMY – THREAT ID OF THE WEEK
Creepware generally refers to Remote access Trojans (RATs) that are installed on a computer without the victim’s knowledge. In the past this was used for identity or information theft purposes, but today creepware can is used to spy on a victim with their own webcam or microphone.
Creepware - Who’s Watching You?
Are You Being Watched Through Your Webcam?
FBI arrested 19-Year-old Hacker for Sextortion
TOP HEADLINES THIS WEEK
Chase Breach: 465,000 Accounts Exposed
Microsoft's password strength tool attempts to read your mind
5 risks to avoid for the holidays
300 victims report fake support calls to security org
Computer Science Education Week
Study: Beware LinkedIn Invitations, Mail Delivery Messages
Positive and negative cyber threat developments in 2013
Kaspersky Security Bulletin 2013. Overall statistics for 2013
Gmail starts scanning images in emails for malware
Twitter reverses policy that would allow blocked persons to follow user
Zeus Malware Goes 64 Bit, Includes Tor Connectivity
5 Software Patching Tips to Keep Systems Current and Secure
Cryptolocker copycat ransomware emerges – but an antidote is possible
VULNERABILITIES AND PATCHES
Vulnerability Summary for the Week of December 2, 2013
Identity-Theft Vulnerability Fixed in Microsoft Office 365, Says Security Firm
Mozilla Patches Firefox 26 With 14 Security Advisories
Don’t delay! Grab the latest Microsoft and Adobe security patches NOW
E-mail Virus and Spam Filtering – MOREnet's E-mail Virus and Spam Filtering service is a low-cost layer of protection for your e-mail system. E-mail viruses and spam are two of the biggest hassles system administrators have to deal with on today's Internet. The E-mail Virus and Spam Filtering service requires no end user participation; no server, equipment or software reconfiguration; no time to administer; and no hardware investment on your part. Everything happens on MOREnet's backbone. Best of all, the service removes all known e-mail-borne viruses and eliminates most spam. Click the following link to find out additional feature. http://www.more.net/services/e-mail-virus-and-spam-filtering
UPCOMING TRAINING AND EVENTS
1. Wireshark How-To Series – Display Filters – Tuesday, December 17, 2013 – Online Webinar -- This is the fourth installment of our Wireshark How-To Series. In this webinar we’ll step through the process of creating and applying display filters. (NOTE: Display filters use a different syntax than capture filters.) We’ll discuss how to use display filters, how to build display filters, and how to avoid common display filter mistakes. Click here to register for this event
2. Wireshark How-To Series – Personalized Profiles – Tuesday, January 7, 2014 – Online Webinar -- This is the fifth installment of our Wireshark How-To Series. In this webinar we’ll step through customizing Wireshark’s GUI Interface and capture options. We’ll cover the basics of profiles and how to customize Wireshark for specific tasks. Click here to register for this event
3. Wireshark How-To Series – Using Wireshark’s Expert System – Tuesday, January 21, 2014 – Online Webinar -- This is the sixth and final installment of our first series of Wireshark How-Tos. In this webinar we’ll step through how to use Wireshark’s Expert System. We’ll cover how to launch Expert Info, colorize Expert Info elements, filter elements, and how to understand what triggers each element. Click here to register for this event
4. Introduction to Windows 2008 Server Administration – Tuesday, February 4, – February 5, 2014 – MOREnet, Columbia, MO -- Designed to build a foundation in basic server administration, this class introduces students to many of Windows Server 2008 features. The class includes extensive exercises which reinforce Microsoft Windows Server 2008 network administration skills as they are learned. Click here to register for this event
5. Social Media Series Part 1, Risks of Social Media – Wednesday, February 5, 2014 – Online Webinar – Does your staff or students understand the risks they take when posting comments or pictures to social media sites? Join us for a discussion of the unseen risks to innocent posts. Registration information available soon.
6. Introduction to Windows 2008 DNS, DHCP and CSVde – Thursday, February 6, 2014 – MOREnet, Columbia, MO -- This course is designed to provide a foundation for understanding both Domain Name System and Dynamic Host Configuration Protocol. Students will install and configure these services for automated IP communications. At the end of the day the students will also use the bulk user import utility CSVde. Students must have taken Intro to Windows 2008 server to attend. Click here to register for this event
7. Windows 2008 Group Policy – Friday February 7, 2014 – MOREnet, Columbia, MO -- This class is designed to allow students to centrally manage workstations and servers with Group Policy Objects (GPOs) within a Windows Active Directory domain. In class we will start at the beginning with defining what Group Policy is and what can be accomplished by using Group Policies within your organization. We will create simple group policies and test their effectiveness on a windows 7machine. We will explore some advanced Group Policy subjects such as redirecting user data and folders, deploying software and finish with using Group Policy Preferences to Map Drives and clean out folders. Click here to register for this event
8. Social Media Series Part 2, Understanding the Privacy Settings of Popular Social Media Sites– Wednesday February 19, 2014 – Online Webinar. Even if you understand the risks associated with social media, which settings are best and how do you find them on each site? This webinar will focus primarily on Facebook privacy settings, but will include references to many other social media sites. Registration information available soon.
9. SANS SEC464: Hacker Guard: Security Baseline Training for IT Administrators and Operations with Continuing Education – Tuesday, February 25 – Wednesday, February 26, 2014, MOREnet, Columbia, MO -- This educational program gives IT admins the tools and techniques to illuminate evidence of potentially malicious activity on their systems and to look deeper to determine whether the problems they see are real. It allows them to become the hacker guards for malicious activity in their organization. It uses hands-on exercises to ensure they are comfortable using the tools. MOREnet members are eligible for a price of $1200. Click here for registration information.
10. Social Media Series Part 3, Understanding the Privacy Settings of Popular Devices Media – Wednesday March 5, 2014 – Online Webinar – So your social media websites are locked down, but are all settings enforced the same if the device isn’t secured? Join us for a discussion of device settings to review to protect yourself from social media and other apps. Registration information available soon.
Do you know of any upcoming security-related training events? Please send them to email@example.com for inclusion in this newsletter!
SECURITY AWARENESS TIP OF THE WEEK
Having problems updating that security awareness program with the right information? Check out SANS Securing the Human Blog for the best issues to include! This week’s focus was the top 9.